Method for scanning and detecting generalized unknown virus

A technology for scanning and detecting unknown viruses, which is applied in the field of scanning and detecting generalized unknown viruses, can solve problems such as not being able to scan out unknown viruses, and achieve the effect of safeguarding information security

Inactive Publication Date: 2009-03-11
江启煜
View PDF0 Cites 42 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Only some unknown variants of known viruses can be detected, and new unknown viruses cannot be scanned

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The main innovative idea of ​​the present invention is: not relying on the virus signature database, constructing the virus surface behavior characteristic database according to the relative specific changes in the system caused by the virus behavior of the computer virus, scanning and detecting the computer virus, and constructing a fake The virus surface behavior characteristic database makes a second judgment on suspicious virus files in order to rule out normal programs. And automatically extract the file surface features and file content features of the scanned suspicious virus, form a temporary feature code database, and conduct a comprehensive scan and detection of the computer system in order to remove the virus body remaining in the system.

[0064] The invention can scan and detect most of the known viruses and generalized unknown viruses under the condition that the database upgrade frequency is very low, and the scanning detection speed is fast, the specifici...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for scanning and detecting a generalized unknown virus. Namely, a virus surface behavior characteristic database is constructed via relative specificity changes generated by a system due to virus activities of a computer virus; a suspicious virus is scanned; meanwhile, by carrying out detection to mass normal programs, a fake virus surface behavior characteristic database is constructed to conduct the secondary detection to suspicious documents affected by the virus so as to exclude normal programs. And document surface characteristics and document content characteristics of the suspicious virus scanned are automatically extracted to establish a temporary characteristic code database so as to carry out overall scan and detection to the system and to remove residual virions. The detected suspicious document affected by the virus is conducted with relative process. The method can detect most of the known virus and the generalized unknown virus, without depending on the characteristic code database, and has noticeable advantages of a lower updated-frequency database, quicker scan and detection speed and less occupied resource, compared with the existing scan and detection technology.

Description

technical field [0001] The invention relates to a method for scanning and detecting unknown viruses in a broad sense. Compared with the existing anti-computer virus technology, the invention can scan and detect most of known viruses and unknown viruses in a broad sense without relying on a signature database. Virus. Background technique [0002] In today's rapid development of information technology, although many anti-computer virus products have appeared, they have indeed played a certain role in scanning and detecting known computer viruses, but they cannot effectively fight against unknown viruses. major threat to information security. [0003] Existing computer virus scanning and detection technologies are mainly divided into three types: heuristic code scanning technology, feature code scanning technology, and auxiliary feature code scanning technology. [0004] (1) Heuristic code scanning technology: a dynamic anti-truth or decompiler implemented in a specific way, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F21/56
Inventor 江启煜
Owner 江启煜
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap